Release v2.7.1 (#397)

README.md

@@ -17,14 +17,11 @@
 
 Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners.
 
-For self-hosted environments, Harden-Runner supports:
+Learn how Harden-Runner works through the video below, which shows how it detected a supply chain attack on a Google open-source project.
 
-1. Kubernetes runners setup using Actions Runner Controller (ARC)
+<a href="https://youtu.be/Yz72qAOrN9s" target="_blank"><img src="images/case-study-thumbnail1.png" alt="Harden-Runner detected supply chain attack in a Google open-source project" title="This case study video shows how StepSecurity Harden-Runner detected a CI/CD supply chain attack in real-time in Google’s open-source project Flank"></a>
-2. Virtual Machine runners (e.g. on EC2) - both ephemeral and persistent runners are supported
 
-![Harden Runner Demo](images/main.png)
+## 3,000+ open source projects use Harden-Runner
-
-## Explore open source projects using Harden-Runner
 
 | [![CISA](https://avatars.githubusercontent.com/u/18539691?s=60&v=4)](https://app.stepsecurity.io/github/cisagov/skeleton-generic/actions/runs/7588528684) | [![Microsoft](https://avatars.githubusercontent.com/u/6154722?s=60&v=4)](https://app.stepsecurity.io/github/microsoft/ebpf-for-windows/actions/runs/7587031851) | [![Google](https://avatars.githubusercontent.com/u/2810941?s=60&v=4)](https://app.stepsecurity.io/github/GoogleCloudPlatform/functions-framework-ruby/actions/runs/7576989995) | [![DataDog](https://avatars.githubusercontent.com/u/365230?s=60&v=4)](https://app.stepsecurity.io/github/DataDog/stratus-red-team/actions/runs/7446169664) | [![Intel](https://avatars.githubusercontent.com/u/17888862?s=60&v=4)](https://app.stepsecurity.io/github/intel/cve-bin-tool/actions/runs/7590975903) | [![Kubernetes](https://avatars.githubusercontent.com/u/36015203?s=60&v=4)](https://app.stepsecurity.io/github/kubernetes-sigs/cluster-api-provider-azure/actions/runs/7591172950) | [![Node.js](https://avatars.githubusercontent.com/u/9950313?s=60&v=4)](https://app.stepsecurity.io/github/nodejs/node/actions/runs/7591405720) | [![AWS](https://avatars.githubusercontent.com/u/2232217?s=60&v=4)](https://app.stepsecurity.io/github/aws/aperf/actions/runs/7631366761) |
 | --------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -41,11 +38,9 @@ Harden-Runner monitors process, file, and network activity to:
 |     | Countermeasure                                                                                                                      | Prevent Security Breach                                                                                                                                                                                                                                                                                                                             |
 | --- | ----------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | 1.  | Monitor and block outbound network traffic at the DNS, HTTPS (Layer 7), and network layers (Layers 3 and 4) to prevent exfiltration of code and CI/CD credentials | To prevent the [Codecov breach](https://github.com/step-security/github-actions-goat/blob/main/docs/Vulnerabilities/ExfiltratingCICDSecrets.md) scenario                                                                                                                                                                                                |
-| 2.  | Detect if source code is being tampered during the build process to inject a backdoor                                               | To detect the [SolarWinds incident](https://github.com/step-security/github-actions-goat/blob/main/docs/Vulnerabilities/TamperingDuringBuild.md) scenario                                                                                                                                                                                               |
+| 2.  | Detect if source code is being tampered during the build process to inject a backdoor                                               | To detect the [XZ Utils](https://www.stepsecurity.io/blog/analysis-of-backdoored-xz-utils-build-process-with-harden-runner) and [SolarWinds incident](https://github.com/step-security/github-actions-goat/blob/main/docs/Vulnerabilities/TamperingDuringBuild.md) scenario                                                                                                                                                                                               |
 | 3.  | Detect poisoned workflows and compromised dependencies                                                                              | To detect [Dependency confusion](https://github.com/step-security/github-actions-goat/blob/main/docs/Vulnerabilities/ExfiltratingCICDSecrets.md#dependency-confusion-attacks) and [Malicious dependencies](https://github.com/step-security/github-actions-goat/blob/main/docs/Vulnerabilities/ExfiltratingCICDSecrets.md#compromised-dependencies) |
 
-Read this [case study](https://infosecwriteups.com/detecting-malware-packages-in-github-actions-7b93a9985635) on how Harden-Runner detected malicious packages in the NPM registry.
-
 ## How
 
 ### GitHub-Hosted Runners
@@ -68,13 +63,13 @@ Read this [case study](https://infosecwriteups.com/detecting-malware-packages-in
 3. Click on the link ([example link](https://app.stepsecurity.io/github/step-security/github-actions-goat/actions/runs/7704454287)). You will see a process monitor view of network and file events correlated with each step of the job.
 
     <p align="left">
-      <img src="images/network-events.png" alt="Insights from harden-runner" >
+      <img src="images/network-events1.png" alt="Insights from harden-runner" >
     </p>
 
 4. In the `Recommended Policy` tab, you'll find a recommended block policy based on outbound calls aggregated from the current and past runs of the job. You can update your workflow file with this policy, or alternatively, use the [Policy Store](https://docs.stepsecurity.io/harden-runner/how-tos/block-egress-traffic#2-add-the-policy-using-the-policy-store) to apply the policy without modifying the workflow file. From now on, any outbound calls not in the allowed list will be blocked.
 
     <p align="left">
-      <img src="images/recommended-policy.png" alt="Policy recommended by harden-runner" >
+      <img src="images/recommended-policy1.png" alt="Policy recommended by harden-runner" >
     </p>
 
 ## Hands-On Tutorials

dist/index.js

@@ -2836,6 +2836,11 @@ __nccwpck_require__.r(__webpack_exports__);
 var lib_core = __nccwpck_require__(186);
 // EXTERNAL MODULE: external "fs"
 var external_fs_ = __nccwpck_require__(747);
+;// CONCATENATED MODULE: ./src/configs.ts
+const STEPSECURITY_ENV = "agent"; // agent or int
+const STEPSECURITY_API_URL = `https://${STEPSECURITY_ENV}.api.stepsecurity.io/v1`;
+const configs_STEPSECURITY_WEB_URL = "https://app.stepsecurity.io";
+
 ;// CONCATENATED MODULE: ./src/common.ts
 var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@@ -2848,6 +2853,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
 };
 
 
+
 function printInfo(web_url) {
     console.log("\x1b[32m%s\x1b[0m", "View security insights and recommended policy at:");
     console.log(`${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`);
@@ -2872,10 +2878,10 @@ const processLogLine = (line, tableEntries) => {
 };
 function addSummary() {
     return __awaiter(this, void 0, void 0, function* () {
-        if (process.env.STATE_monitorStatusCode !== "200") {
+        if (process.env.STATE_addSummary !== "true") {
             return;
         }
-        const web_url = "https://app.stepsecurity.io";
+        const web_url = STEPSECURITY_WEB_URL;
         const insights_url = `${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`;
         const log = "/home/agent/agent.log";
         if (!fs.existsSync(log)) {
@@ -3015,6 +3021,7 @@ var src_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argu
 
 
 
+
 (() => src_awaiter(void 0, void 0, void 0, function* () {
     if (process.platform !== "linux") {
         console.log(UBUNTU_MESSAGE);
@@ -3034,7 +3041,7 @@ var src_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argu
         console.log("Telemetry will not be sent to StepSecurity API as disable-telemetry is set to true");
     }
     else {
-        var web_url = "https://app.stepsecurity.io";
+        var web_url = configs_STEPSECURITY_WEB_URL;
         printInfo(web_url);
     }
 }))();

dist/post/index.js

@@ -139,7 +139,7 @@ const command_1 = __nccwpck_require__(351);
 const file_command_1 = __nccwpck_require__(717);
 const utils_1 = __nccwpck_require__(278);
 const os = __importStar(__nccwpck_require__(87));
-const path = __importStar(__nccwpck_require__(622));
+const path = __importStar(__nccwpck_require__(277));
 const oidc_utils_1 = __nccwpck_require__(41);
 /**
  * The code to exit an action
@@ -618,7 +618,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
 exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0;
-const path = __importStar(__nccwpck_require__(622));
+const path = __importStar(__nccwpck_require__(277));
 /**
  * toPosixPath converts the given path to the posix form. On Windows, \\ will be
  * replaced with /.
@@ -2752,7 +2752,7 @@ module.exports = require("os");
 
 /***/ }),
 
-/***/ 622:
+/***/ 277:
 /***/ ((module) => {
 
 "use strict";
@@ -2838,6 +2838,11 @@ var external_fs_ = __nccwpck_require__(747);
 const external_child_process_namespaceObject = require("child_process");
 // EXTERNAL MODULE: ./node_modules/@actions/core/lib/core.js
 var core = __nccwpck_require__(186);
+;// CONCATENATED MODULE: ./src/configs.ts
+const STEPSECURITY_ENV = "agent"; // agent or int
+const STEPSECURITY_API_URL = `https://${STEPSECURITY_ENV}.api.stepsecurity.io/v1`;
+const STEPSECURITY_WEB_URL = "https://app.stepsecurity.io";
+
 ;// CONCATENATED MODULE: ./src/common.ts
 var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@@ -2850,6 +2855,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
 };
 
 
+
 function printInfo(web_url) {
     console.log("\x1b[32m%s\x1b[0m", "View security insights and recommended policy at:");
     console.log(`${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`);
@@ -2874,10 +2880,10 @@ const processLogLine = (line, tableEntries) => {
 };
 function addSummary() {
     return __awaiter(this, void 0, void 0, function* () {
-        if (process.env.STATE_monitorStatusCode !== "200") {
+        if (process.env.STATE_addSummary !== "true") {
             return;
         }
-        const web_url = "https://app.stepsecurity.io";
+        const web_url = STEPSECURITY_WEB_URL;
         const insights_url = `${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`;
         const log = "/home/agent/agent.log";
         if (!external_fs_.existsSync(log)) {
@@ -3109,6 +3115,12 @@ var cleanup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _
         var content = external_fs_.readFileSync(log, "utf-8");
         console.log(content);
     }
+    const daemonLog = "/home/agent/daemon.log";
+    if (external_fs_.existsSync(daemonLog)) {
+        console.log("daemonLog:");
+        var content = external_fs_.readFileSync(daemonLog, "utf-8");
+        console.log(content);
+    }
     var status = "/home/agent/agent.status";
     if (external_fs_.existsSync(status)) {
         console.log("status:");

dist/pre/index.js

@@ -71246,6 +71246,11 @@ const validate = dist.validate;
 const stringify = dist.stringify;
 const parse = dist.parse;
 
+;// CONCATENATED MODULE: ./src/configs.ts
+const STEPSECURITY_ENV = "agent"; // agent or int
+const STEPSECURITY_API_URL = `https://${STEPSECURITY_ENV}.api.stepsecurity.io/v1`;
+const configs_STEPSECURITY_WEB_URL = "https://app.stepsecurity.io";
+
 ;// CONCATENATED MODULE: ./src/common.ts
 var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@@ -71258,6 +71263,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
 };
 
 
+
 function printInfo(web_url) {
     console.log("\x1b[32m%s\x1b[0m", "View security insights and recommended policy at:");
     console.log(`${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`);
@@ -71282,10 +71288,10 @@ const processLogLine = (line, tableEntries) => {
 };
 function addSummary() {
     return __awaiter(this, void 0, void 0, function* () {
-        if (process.env.STATE_monitorStatusCode !== "200") {
+        if (process.env.STATE_addSummary !== "true") {
             return;
         }
-        const web_url = "https://app.stepsecurity.io";
+        const web_url = STEPSECURITY_WEB_URL;
         const insights_url = `${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`;
         const log = "/home/agent/agent.log";
         if (!fs.existsSync(log)) {
@@ -71395,7 +71401,7 @@ function verifyChecksum(downloadPath, is_tls) {
     let expectedChecksum = "ceb925c78e5c79af4f344f08f59bbdcf3376d20d15930a315f9b24b6c4d0328a"; // checksum for v0.13.5
     if (is_tls) {
         expectedChecksum =
-            "204c82116e8c0eebf5409bb2b81aa5d96fe32f0c5abc1cb0364ee70937c32056"; // checksum for tls_agent
+            "e0cd0f0da1ac48df713acd8c4f0e591274de0f2c251b8526cf956c654f024ec2"; // checksum for tls_agent
     }
     if (checksum !== expectedChecksum) {
         lib_core.setFailed(`Checksum verification failed, expected ${expectedChecksum} instead got ${checksum}`);
@@ -71457,11 +71463,6 @@ function isValidEvent() {
     return RefKey in process.env && Boolean(process.env[RefKey]);
 }
 
-;// CONCATENATED MODULE: ./src/configs.ts
-const STEPSECURITY_ENV = "agent"; // agent or int
-const STEPSECURITY_API_URL = `https://${STEPSECURITY_ENV}.api.stepsecurity.io/v1`;
-const STEPSECURITY_WEB_URL = "https://app.stepsecurity.io";
-
 ;// CONCATENATED MODULE: ./src/policy-utils.ts
 var policy_utils_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@@ -71666,7 +71667,7 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
         }
         var correlation_id = v4();
         var api_url = STEPSECURITY_API_URL;
-        var web_url = STEPSECURITY_WEB_URL;
+        var web_url = configs_STEPSECURITY_WEB_URL;
         let confg = {
             repo: process.env["GITHUB_REPOSITORY"],
             run_id: process.env["GITHUB_RUN_ID"],
@@ -71680,6 +71681,7 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
             disable_file_monitoring: lib_core.getBooleanInput("disable-file-monitoring"),
             private: ((_b = (_a = github.context === null || github.context === void 0 ? void 0 : github.context.payload) === null || _a === void 0 ? void 0 : _a.repository) === null || _b === void 0 ? void 0 : _b.private) || false,
             is_github_hosted: isGithubHosted(),
+            is_debug: lib_core.isDebug(),
         };
         let policyName = lib_core.getInput("policy");
         if (policyName !== "") {
@@ -71774,16 +71776,29 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
         let _http = new lib.HttpClient();
         let statusCode;
         _http.requestOptions = { socketTimeout: 3 * 1000 };
+        let addSummary = "false";
         try {
-            const resp = yield _http.get(`${api_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}/monitor`);
+            const monitorRequestData = {
-            statusCode = resp.message.statusCode; // adding error code to check whether agent is getting installed or not.
+                correlation_id: correlation_id,
+                job: process.env["GITHUB_JOB"],
+            };
+            const resp = yield _http.postJson(`${api_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}/monitor`, monitorRequestData);
+            const responseData = resp.result;
+            statusCode = resp.statusCode; // adding error code to check whether agent is getting installed or not.
             external_fs_.appendFileSync(process.env.GITHUB_STATE, `monitorStatusCode=${statusCode}${external_os_.EOL}`, {
                 encoding: "utf8",
             });
+            if (statusCode === 200 && responseData) {
+                console.log(`Runner IP Address: ${responseData.runner_ip_address}`);
+                addSummary = responseData.monitoring_started ? "true" : "false";
+            }
         }
         catch (e) {
             console.log(`error in connecting to ${api_url}: ${e}`);
         }
+        external_fs_.appendFileSync(process.env.GITHUB_STATE, `addSummary=${addSummary}${external_os_.EOL}`, {
+            encoding: "utf8",
+        });
         console.log(`Step Security Job Correlation ID: ${correlation_id}`);
         if (String(statusCode) === STATUS_HARDEN_RUNNER_UNAVAILABLE) {
             console.log(HARDEN_RUNNER_UNAVAILABLE_MESSAGE);
@@ -71797,7 +71812,7 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
         let auth = `token ${token}`;
         let downloadPath;
         if (yield isTLSEnabled(github.context.repo.owner)) {
-            downloadPath = yield tool_cache.downloadTool("https://packages.stepsecurity.io/github-hosted/harden-runner_1.1.0_linux_amd64.tar.gz");
+            downloadPath = yield tool_cache.downloadTool("https://packages.stepsecurity.io/github-hosted/harden-runner_1.1.3_linux_amd64.tar.gz");
             verifyChecksum(downloadPath, true); // NOTE: verifying tls_agent's checksum, before extracting
         }
         else {

src/checksum.ts

@@ -14,7 +14,7 @@ export function verifyChecksum(downloadPath: string, is_tls: boolean) {
 
   if (is_tls) {
     expectedChecksum =
-      "204c82116e8c0eebf5409bb2b81aa5d96fe32f0c5abc1cb0364ee70937c32056"; // checksum for tls_agent
+      "e0cd0f0da1ac48df713acd8c4f0e591274de0f2c251b8526cf956c654f024ec2"; // checksum for tls_agent
   }
 
   if (checksum !== expectedChecksum) {

src/cleanup.ts

@@ -62,6 +62,13 @@ import { arcCleanUp, isArcRunner, removeStepPolicyFiles } from "./arc-runner";
     console.log(content);
   }
 
+  const daemonLog = "/home/agent/daemon.log";
+  if (fs.existsSync(daemonLog)) {
+    console.log("daemonLog:");
+    var content = fs.readFileSync(daemonLog, "utf-8");
+    console.log(content);
+  }
+
   var status = "/home/agent/agent.status";
   if (fs.existsSync(status)) {
     console.log("status:");

src/common.ts

@@ -1,5 +1,6 @@
 import * as core from "@actions/core";
 import * as fs from "fs";
+import { STEPSECURITY_WEB_URL } from "./configs";
 
 export function printInfo(web_url) {
   console.log(
@@ -47,11 +48,11 @@ export const processLogLine = (
 };
 
 export async function addSummary() {
-  if (process.env.STATE_monitorStatusCode !== "200") {
+  if (process.env.STATE_addSummary !== "true") {
     return;
   }
 
-  const web_url = "https://app.stepsecurity.io";
+  const web_url = STEPSECURITY_WEB_URL;
   const insights_url = `${web_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}`;
 
   const log = "/home/agent/agent.log";
@@ -172,4 +173,4 @@ export const HARDEN_RUNNER_UNAVAILABLE_MESSAGE =
   "Sorry, we are currently experiencing issues with the Harden Runner installation process. It is currently unavailable.";
 
 export const ARC_RUNNER_MESSAGE =
-  "Workflow is currently being executed in ARC based runner";
+  "Workflow is currently being executed in ARC based runner";

src/index.ts

@@ -1,6 +1,7 @@
 import * as common from "./common";
 import * as core from "@actions/core";
 import isDocker from "is-docker";
+import { STEPSECURITY_WEB_URL } from "./configs";
 
 (async () => {
   if (process.platform !== "linux") {
@@ -28,7 +29,7 @@ import isDocker from "is-docker";
       "Telemetry will not be sent to StepSecurity API as disable-telemetry is set to true"
     );
   } else {
-    var web_url = "https://app.stepsecurity.io";
+    var web_url = STEPSECURITY_WEB_URL;
     common.printInfo(web_url);
   }
 })();

src/interfaces.ts

@@ -11,6 +11,7 @@ export interface Configuration {
   disable_file_monitoring: boolean;
   is_github_hosted: boolean;
   private: string;
+  is_debug: boolean;
 }
 
 export interface PolicyResponse {

src/policy-utils.test.ts

@@ -39,6 +39,7 @@ test("merge configs", async () => {
     disable_file_monitoring: false,
     private: "true",
     is_github_hosted: true,
+    is_debug: false,
   };
   let policyResponse: PolicyResponse = {
     owner: "h0x0er",
@@ -63,6 +64,7 @@ test("merge configs", async () => {
     disable_file_monitoring: false,
     private: "true",
     is_github_hosted: true,
+    is_debug: false,
   };
 
   localConfig = mergeConfigs(localConfig, policyResponse);

src/setup.ts

@@ -26,6 +26,11 @@ import { isArcRunner, sendAllowedEndpoints } from "./arc-runner";
 import { STEPSECURITY_API_URL, STEPSECURITY_WEB_URL } from "./configs";
 import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
 
+interface MonitorResponse {
+  runner_ip_address?: string;
+  monitoring_started?: boolean;
+}
+
 (async () => {
   try {
     if (process.platform !== "linux") {
@@ -54,6 +59,7 @@ import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
       disable_file_monitoring: core.getBooleanInput("disable-file-monitoring"),
       private: context?.payload?.repository?.private || false,
       is_github_hosted: isGithubHosted(),
+      is_debug: core.isDebug(),
     };
 
     let policyName = core.getInput("policy");
@@ -171,11 +177,19 @@ import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
     let _http = new httpm.HttpClient();
     let statusCode;
     _http.requestOptions = { socketTimeout: 3 * 1000 };
+    let addSummary = "false";
     try {
-      const resp: httpm.HttpClientResponse = await _http.get(
+      const monitorRequestData = {
-        `${api_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}/monitor`
+        correlation_id: correlation_id,
+        job: process.env["GITHUB_JOB"],
+      };
+      const resp = await _http.postJson<MonitorResponse>(
+        `${api_url}/github/${process.env["GITHUB_REPOSITORY"]}/actions/runs/${process.env["GITHUB_RUN_ID"]}/monitor`,
+        monitorRequestData
       );
-      statusCode = resp.message.statusCode; // adding error code to check whether agent is getting installed or not.
+
+      const responseData = resp.result;
+      statusCode = resp.statusCode; // adding error code to check whether agent is getting installed or not.
       fs.appendFileSync(
         process.env.GITHUB_STATE,
         `monitorStatusCode=${statusCode}${EOL}`,
@@ -183,9 +197,21 @@ import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
           encoding: "utf8",
         }
       );
+
+      if (statusCode === 200 && responseData) {
+        console.log(`Runner IP Address: ${responseData.runner_ip_address}`);
+        addSummary = responseData.monitoring_started ? "true" : "false";
+      }
     } catch (e) {
       console.log(`error in connecting to ${api_url}: ${e}`);
     }
+    fs.appendFileSync(
+      process.env.GITHUB_STATE,
+      `addSummary=${addSummary}${EOL}`,
+      {
+        encoding: "utf8",
+      }
+    );
 
     console.log(`Step Security Job Correlation ID: ${correlation_id}`);
     if (String(statusCode) === common.STATUS_HARDEN_RUNNER_UNAVAILABLE) {
@@ -205,7 +231,7 @@ import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
 
     if (await isTLSEnabled(context.repo.owner)) {
       downloadPath = await tc.downloadTool(
-        "https://packages.stepsecurity.io/github-hosted/harden-runner_1.1.0_linux_amd64.tar.gz"
+        "https://packages.stepsecurity.io/github-hosted/harden-runner_1.1.3_linux_amd64.tar.gz"
       );
       verifyChecksum(downloadPath, true); // NOTE: verifying tls_agent's checksum, before extracting
     } else {